Efficient and Private Three-Party Publish/Subscribe

We consider the problem of modeling and designing publish/subscribe protocols that safeguard the privacy of clients’ subscriptions and of servers’ publications while guaranteeing efficient latency in challenging scenarios (i.e., real-time publication, high data arrival rate, etc.). As general solutions from the theory of secure function evaluation protocols would not achieve satisfactory performance in these scenarios, we enrich the model with a third party (e.g., a cloud server). Our main result is a three-party publish/subscribe protocol suitable for practical applications in such scenarios because the publication phase uses only symmetric cryptography operations (a result believed not possible without the third party). At the cost of only a very small amount of privacy loss to the third party, and with no privacy loss to the publishing server or the clients, our protocol has very small publication latency, which we measured for large parameter ranges to be just a small constant factor worse than a publish/subscribe protocol guaranteeing no privacy.

[1]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[2]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[3]  Anne-Marie Kermarrec,et al.  The many faces of publish/subscribe , 2003, CSUR.

[4]  David S. Rosenblum,et al.  Enabling Confidentiality in Content-Based Publish/Subscribe Infrastructures , 2006, 2006 Securecomm and Workshops.

[5]  Kurt Rothermel,et al.  Providing basic security mechanisms in broker-less publish/subscribe systems , 2010, DEBS '10.

[6]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[7]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[8]  Bruno Crispo,et al.  Supporting Publication and Subscription Confidentiality in Pub/Sub Networks , 2010, SecureComm.

[9]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[10]  Marianne Winslett,et al.  Secure aggregation in a publish-subscribe system , 2008, WPES '08.

[11]  Rafail Ostrovsky,et al.  Conditional Oblivious Transfer and Timed-Release Encryption , 1999, EUROCRYPT.

[12]  Elisa Bertino,et al.  A Privacy-Enhancing Content-Based Publish/Subscribe System Using Scalar Product Preserving Transformations , 2010, DEXA.

[13]  Joud Khoury,et al.  P3S: A Privacy Preserving Publish-Subscribe Middleware , 2012, Middleware.

[14]  Refik Molva,et al.  Privacy-Preserving Content-Based Publish/Subscribe Networks , 2009, SEC.

[15]  Moni Naor,et al.  A minimal model for secure computation (extended abstract) , 1994, STOC '94.

[16]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[17]  Russell Impagliazzo,et al.  Limits on the Provable Consequences of One-way Permutations , 1988, CRYPTO.

[18]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[19]  Giovanni Di Crescenzo,et al.  Sharing Block Ciphers , 2000, ACISP.